You're absolutely right that integrity checking needs to be built into this. Exactly how that happens is still up in the air. A few months ago at the face to face in SF I mentioned the need for fail fast able Incremental integrity checking. I still want that. On Nov 19, 2013 4:57 PM, "Roberto Peon" <grmocg@gmail.com> wrote: > The distinct and important difference is that at least one party would be > able to figure out that something odd is happening when integrity is > available, where it is much more difficult when integrity isn't present. > -=R > > > On Tue, Nov 19, 2013 at 4:43 PM, Poul-Henning Kamp <phk@phk.freebsd.dk>wrote: > >> In message < >> CAP+FsNdjAVz8T3Dr895kwiZrnQv18YDJb1zyGECLZ-ct_EdXUg@mail.gmail.com> >> , Roberto Peon writes: >> >> >The bigger problem is that the proxy might prevent the negotiation from >> >occurring. >> >> ...In which case it is very likely also blocking any attempt to avoid >> using the proxy, so your end-to-end attempt is not going to work either. >> >> Or if it works, it's probably on a trojaned cert. >> >> -- >> Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 >> phk@FreeBSD.ORG | TCP/IP since RFC 956 >> FreeBSD committer | BSD since 4.3-tahoe >> Never attribute to malice what can adequately be explained by >> incompetence. >> > >
Received on Wednesday, 20 November 2013 01:05:10 UTC